[02:02] <bindi> how come I have to do 'sudo iptables-apply' each time I reboot to have my rules take effect?
[02:02] <bindi> On ubuntu server 16.04. "Applying new iptables rules from '/etc/network/iptables.up.rules'... done."
[02:37] <drab> what's the magical boot parameter that will get me the ubuntu installer in text mode? I'm still trying to get qemu to install mini.iso from PXE
[02:38] <drab> I got it to boot and fetch the kernels, but when the installation starts I get "640x480 VGA mode" and I can't see jack anymore
[02:38] <drab> (I'm in a terminal)
[02:38] <drab> bindi: do you have iptables-restore ?
[02:39] <drab> I'm using a fw manager so I don't quite know what the "vanilla" setup does, but iirc it's all about iptables-save and then iptables-restore at boot time
[02:39] <drab> bindi: are you using ufw?
[02:42] <bindi> drab: not using ufw
[02:42] <bindi> drab: yes there is iptables-restore command if you mean that
[02:45] <sarnold> dpkg -L iptables doesn't show any systemd unit files, sysv-init files, or upstart files.
[02:45] <bindi> drab: got it. sudo dpkg-reconfigure iptables-persistent
[02:45] <bindi> it saved the current rules to /etc/iptables/rules.v4
[02:46] <bindi> and claims they'll be loaded on boot
[02:53] <drab> bindi: see sarnold's question, if you do a dpkg -L does it show any systemd stuff?
[02:53] <drab> if it loads things at boot it must have something running at boot, either a systemd unit or an older style sysv-init
[02:53] <drab> otherwise it's lying to you :P
[02:54] <drab> sarnold: any clue about forcing the ubuntu installer into text mode through some kernel boot param?
[02:54] <bindi> The iptables-persistent package causes the following to run on reboot:
[02:54] <bindi> iptables-restore < /etc/iptables/rules.v4
[02:54] <bindi> ip6tables-restore < /etc/iptables/rules.v6
[02:54] <sarnold> thanks for tracking that down bindi :)
[02:55] <sarnold> drab: maybe novga? It's been years since I've had to fiddle with kernel command line parameters for video ..
[02:55] <drab> I have vga=text and that works to get me the text stuff until the ubuntu installer loads
[02:55] <drab> then I get a 640x480 video mode message and don't see abnything else
[02:55] <drab> so it seems to me the ubuntu installer isn't getting the hint about text...
[02:57] <drab> I also tried nofb and no joy
[03:00] <sarnold> oh there we go, kernel command line parameters moved to Documentation/admin-guide/kernel-parameters.txt
[03:03] <drab> sarnold: yeah, I think I tried most of them
[03:14] <drab> holy cow, it finished... blind preseed
[03:14] <drab> only thing is, somehow it's broken and not running sshd by the time preseed finishes late_command
[03:14] <drab> and I can't see why
[03:14] <sarnold> maybe give it a minute or something
[03:14] <drab> but at least I have a pxe'booted and installed qemu image that boots fine
[03:15] <drab> I waited for a bunch and it actually saw the port as open
[03:15] <drab> ssh_exchange_identification: read: Connection reset by peer
[03:15] <drab> that's what I was getting
[03:15] <sarnold> vm instances often have rubbish entropy available so the key generation on first boot cna take forever
[03:15] <drab> this was even first boot, it was at the end of the preseed
[03:16] <drab> what I'm trying to do is install mini, then chroot into /target, run sshd
[03:16] <drab> and then use ansible to complete the installation
[03:16] <drab> and only then reboot
[03:16] <drab> it works on baremetal and even virtualbox actually
[03:16] <drab> not sure what's going on with qemu
[03:16] <drab> the preseed must have worked since ssh was up, hence the above error
[03:17] <drab> during install I was just getting connection refused
[03:45] <drab> ok, found the problem
[03:45] <drab> well, what's wrong, not quite sure why it's happening in qemu and not on baremetal...
[03:46] <drab> but the chroot is weird and it needs some helping to set up and somehow that setup fails on qemu
[04:24] <fishcooker> how to audit the processes running on sar log on range time 02:31:09 PM - 02:45:11 PM  when i have sar snip like this http://vpaste.net/d1O98 ?
[04:46] <grv> hi
[04:46] <grv> I have lots of process running with same name on task manager ,consuming lot of memory
[04:47] <grv> https
[04:47] <grv> httpd sry
[04:47] <grv> i want to stop this httpd populating my ram
[04:47] <grv> anyone??
[04:50] <grv> wht d hell
[04:54] <cpaelzer> good morning
[04:55] <cpaelzer> grv stop/restart/rconfigure your apache?
[04:55] <cpaelzer> ah no more here
[05:00] <fishcooker> httpd that's must be a non ubuntu servers right, grv?
[05:03] <fishcooker> let's say i want to point user to view http://stackoverflow.com/questions/4480304/how-to-set-http-headers-for-cache-control but on specific solution on date answered Oct 5 '11 at 15:55 how to point to the page directly
[05:05] <cpaelzer> fishcooker: there is a little "share" button on the bottom left of each answer
[05:57] <fishcooker> cool thankyou cpaelzer
[06:17] <lordievader> Good morning.
[06:22] <Pjusur> Good morning, should I go with the default openvpn packages i Xenial?(5 y support) or should I get the ones from openvpns repo? Stability and security is my main concerne(bug fixes etc.)
[10:08] <Aison> how can I limit the console resolution of ubuntu server to 1280x1024
[10:08] <Aison> now, it is 1600x1090
[10:09] <Aison> sorry, i'm sleeping, it is hd: 1920x1080
[11:18] <Aison> d
[11:21] <adac>  https://gist.github.com/anonymous/c8ac84e861d0bcd93337a2926acccce1 this is hwoing me the docker installations. However when I do:  apt-get remove docker-engine it says:
[11:21] <adac> Package 'docker-engine' is not installed, so not removed
[11:21] <adac> any ideas on how to remove it?
[12:37] <zioproto> hello all
[12:38] <zioproto> Is anyone interested in a nova newton refresh >
[12:38] <zioproto> ??
[12:38] <zioproto> I need 14.0.5
[12:38] <zioproto> to upgrade from Mitaka
[12:38] <zioproto> because this thing here is only in 14.0.5 https://review.openstack.org/#/c/438630/
[12:38] <zioproto> and the current Ubuntu package is 14.0.4
[12:39] <zioproto> coreycb: is anyone working on refreshing the nova package for newton or I can submit a merge request ?
[13:47] <coreycb> zioproto, you might want to check with jamespage on the nova newton refresh
[13:48] <zioproto> jamespage: ping ?
[13:48] <jamespage> zioproto: I'll put it on my list
[13:49] <jamespage> I have some other backlog to clear first, and then I'll look at the set of newton minor version updates
[14:05] <zioproto> jamespage: I will send you a Merge Request on LP. I am building the package right now
[14:05] <zioproto> it is a easy refresh, non of the debian/patches have been merged
[14:18] <smoser> rbasak, https://code.launchpad.net/~smoser/uvtool/+git/uvtool/+merge/322217 any comments ?
[14:56] <rbasak> smoser: sorry, I'd forgotten all about that. Looking now.
[15:04] <drab> moin
[15:05] <drab> anybody around familiar with what it takes to force the installer into text mode? somehow the boot process is text, but when the debian-installer fires off it seems to switch to 540x480 vga mode
[15:05] <drab> this is not a problem on baremetal, but it means no output on qemu running in text mode
[15:05] <drab> for whatever reason passing novga, nofb, nomodeset, text on the kernel command line makes no difference
[15:07] <drab> also, and sarnold maybe here you have some input/historical data point, /usr/lib/qemu/qemu-bridge-helper seems to be setuid on other distros to allow users to start a kvm instance and get a valid tap device
[15:07] <drab> however on ubuntu it's not setuid and so I get an error starting the instance if I try to use that helper to get the tap interface going
[15:07] <drab> I'm wondering if that was a deliberate choice at some point
[15:09] <drab> Aison: it's the vga parameter in grub cmd line, forgot if it's 791, just check the modes
[15:09] <drab> Aison: http://pierre.baudu.in/other/grub.vga.modes.html
[15:09] <drab> looks like it's 793-795 depending on color depth you want
[15:11] <Aison> drab, i found many solutions, like video= or also vga=  somehow grup enters into this resolution, but while booting, it suddenly changes to 1080p
[15:13] <Aison> brb
[15:13] <drab> Aison: ok, so maybe we're having the same problem after all... I thought it was the installer triggering something but maybe not
[15:13] <drab> in my case there's no grub tho, it's booting a kernel directly specified in the pxe menu
[15:19] <zioproto> jamespage: I found a new nova bug, fixing it with nova-devs, looks like there will be a new nova release in newton soon
[15:19] <zioproto> jamespage: wait to refresh the package
[15:52] <zioproto> jamespage: https://bugs.launchpad.net/nova/+bug/1684861
[15:52] <zioproto> this bug has roots in the kilo to liberty upgrade
[15:52] <zioproto> https://bugs.launchpad.net/nova/+bug/1511466
[15:53] <zioproto> because this one is still open I assume most operators used that workaround to upgrade
[16:27] <ppetraki> __Yiota, how goes the battle?
[16:27] <__Yiota> good, not sure how to optimize the cache on AWS
[17:42] <hallyn> there's no maas packages for centos yet right?
[17:42]  * hallyn rolls up his sleeves to try out oVirt
[17:42] <hallyn> rharper: if you were stuck with centos hosts, what would you use for something where you want to quickly spin up vms?
[17:43] <hallyn> on my own hosts i use uvt-kvm;  elsewher ei'd use openstack...  but on centos...
[17:43] <hallyn> i suppose i *could* just use libvirt and virt-install
[17:43] <hallyn> but i'm hoping you'll tell me i can install maas :)
[17:44] <ppetraki> hallyn, ovirt is still a thing?
[17:47] <sarnold> 185 folks in #ovirt on oftc
[17:47] <sarnold> I guess it's still a thing :)
[17:49] <hallyn> ppetraki: i wondered that too :)
[17:49] <hallyn> sarnold: suppose i should make that 186.  if i must
[18:00] <rharper> hallyn: hrm, virt-install with isos I suppose
[18:01] <rharper> hallyn: but I Think there are centos cloud-images, in which case, you could look at our xkvm wrapper for qemu cli;  xkvm is inside the curtin project
[18:22] <scottjl> there's a lxd image for centos
[21:59] <Aison> i'm making a test installation of ubuntu 17.04 and I notice quite some differences in the sshd_config compared to the previous versions of ubuntu
[21:59] <Aison> is there anything to consider?
[22:05] <tomreyn> Aison: to consider regarding what?
[22:05] <drab> what's the deal with ubuntu and libvirt? libvirt seems "production ready" on RH land, but ubuntu seems to be heavily invested in containers (and lxd)
[22:06] <Aison> tomreyn, e.g. the hostkey stuff is disabled like: #HostKey /etc/ssh/ssh_host_rsa_key
[22:06] <drab> are ubuntu server ppl using libvirt in prod? and does anybody run containers with it?
[22:06] <sarnold> drab: afaik the only real missing piece for libvirt on xenial is lack of making new zfs zvol pools
[22:06] <Aison> is it disabled because it is not in use, or is it disabled because it is the default value
[22:06] <drab> Aison: default value
[22:06] <drab> sarnold: ah, ok, that I can live with
[22:07] <sarnold> drab: almost no one in ubuntu-land uses libvirt-lxc; but libvirt-qemu is used all the time
[22:07] <drab> what really holds me back is the container stuff, which seems second class big times
[22:07] <drab> ok
[22:07] <drab> that's the impression I had, yeah
[22:07] <sarnold> yeah; for containers ubuntu folks use lxc or lxd
[22:07] <sarnold> depending upon taste
[22:07] <Aison> drab, thx
[22:07] <sarnold> I guess there's loads of folks who use docker too, but i'm more familiar with people using lxd
[22:08] <drab> and that's what's kind of throwing me off... I don't quite want to invest to learn both frameworks
[22:08] <drab> yeah, no docker here, thanks
[22:08] <drab> also it seems that to make those play along (libvirt and lxd) could be potentially troublesome
[22:08] <drab> sharing bridges, pools, etc, would prolly have to separate everything
[22:08] <drab> which means running a kvm instance and a bunch of containers on the same host trouble
[22:09] <drab> but then running qemu manually is being a real pain too...
[22:09] <nacc> drab: libvirt-lxc is sadness
[22:09] <nacc> drab: just an fyi
[22:09] <drab> there doesn't even seem to be any provision to strt qemu guests at boot other than hacky home-baked scripts
[22:09] <drab> nacc: yeah, like I said, that's the impression I got
[22:09] <drab> hence staying away from libvirt and investing in lxd
[22:09] <nacc> drab: i'm stating it as more than your impression :)
[22:10] <drab> hah, ok
[22:10] <nacc> libvirt is still very reasonable to use for kvm guests
[22:10] <drab> point taken
[22:10] <nacc> and i think there are many folks that use libvirt and lxd
[22:10] <drab> but then I have all this nfs-kernel-server which containers are no good for
[22:10] <drab> mmmh ok, I have not see much if any of that
[22:10] <nacc> they can probably even be on the same bridge
[22:10] <tomreyn> Aison:  yes, /etc/ssh/ssh_host_rsa_key is generated by default (unless present) on sshd startup
[22:10] <drab> ie blogs or docs mixing the two, sharing bridges and pools etc
[22:11] <Aison> drab, tomreyn thx
[22:12] <drab> also for some reason I don't seem to be able to get taps created without sudo even after setuid'ing qemu-bridge-helper
[23:50] <hallyn> rharper: ... or maybe i'll just wait for someone to install ubuntu on the hosts :)
[23:50]  * hallyn looks for the cloud images